Introducing Lascar

Lascar stands for Ledger’s Advanced Side Channel Analysis Repository. Its goal is to gather and provide common tools and techniques used in the field of Side Channel Analysis, within an open, customizable library.

Based on the principle that published Side Channel Attacks, any scientific piece, should be reproducible, we aim at offering an open source platform for publishing your work.

From our experience, every Side Channel team owns and maintains its own tools, and very few people share their code. This may be caused by very few solutions being available.

Lascar is designed to provide almost everything one would need to complete a state-of-the-art Side Channel Analysis.

Main Features

Lascar provides primitives for all the required steps in Side Channel Analysis. It allows the implementaton of end-to-end Side Channel Attacks. The library offers:

A convenient data representation.

Multi-dimensional Tracesand the corresponding meta-data are stored within the same object. This is good practice for side channel implementations, as it prevents mistakes during the side channel processing where the traces and the corresponding plaintext/ciphertext mismatch. All native data types are supported transparently: int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, int64_t, uint64_t, float, double.

Lascar offers an answer to this problem through the Trace class and ContainerClass.

In Lascar, every side-channel experiment is called a Trace, and is represented as a couple (leakage,value)where:

leakage is a table containing your side-channel(s),

value is a table containing the value manipulated during the acquisition of the leakage,

both leakage and value have to be translatable as a numpy array.

As an extension the Container Class can be seen as a collection of Traces.

When using classical Side Channel Attacks Methodology, synchronization of traces with each other is key. Through this path, a classical and quite efficient countermeasure consists of introducing jitter, shuffling, randomization, in order to desynchronize traces. Lascar includes a set of useful and easy-to-use primitives for resynchronization purposes including:

Adding to that, Lascar is very versatile, allowing to add easily user-defined primitives. In Side Channel Attacks, when attacking a new set of traces, some tweaks are often necessary to post-process the traces. That’s why versatility is a key feature.

Resynchronization example: Before / After

A set of primitives for Side Cannel leakage characterization purposes.

Often, Side Channel Analysis first starts with a characterization. In this situation, the attacker has access to a device on which he knows the key / sensitive value he’s trying to attack. It can be another device, another similar application… In this situation, it’s definitely more efficient to start the analysis with statistical analysis for Side Channel leakage detection. Several of these statistical moments are implemented in Lascar:

These statistical moments allow the attacker to characterize the dependence between the key / sensitive data and the traces. They are key to performing efficient attacks.

SNR examples

A set of primitives for Side Channel Attacks methodology.

Ultimately, attacks are what we want to do. There are plenty of methodologies to attack a cryptographic (or non-cryptographic) implementation using Side Channel. They range from basic Timing Attacks / SPA, to Supervised High Order Machine Learning Based Attacks. Lascar offers a comprehensive set of attack primitives allowing you to implement your favorite attack.

Guessing entropyThe library has been designed to optimize ease-of-use.

Often, within Side Channel Analysis, the attacker wants to try a lot of different methodologies, combining them in different order to try new ideas. In Lascar’s case, implementing an end-to-end attack is very easy and convenient.

Founded in 2014, Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications. Headquartered in Paris, Vierzon, New York, San Francisco and Hong Kong, Ledger has a team of over 200 professionals developing a variety of products and services to safeguard cryptocurrency assets for individuals and companies – including the Ledger hardware wallets line already sold in 165 countries.